package com.helger.xmldsig;

import com.helger.commons.ValueEnforcer;
import com.helger.commons.collection.impl.CommonsArrayList;
import com.helger.xmldsig.keyselect.ContainedX509KeySelector;
import java.util.Iterator;
import javax.annotation.Nonnull;
import javax.annotation.concurrent.Immutable;
import javax.xml.crypto.KeySelector;
import javax.xml.crypto.MarshalException;
import javax.xml.crypto.dsig.Reference;
import javax.xml.crypto.dsig.XMLSignature;
import javax.xml.crypto.dsig.XMLSignatureException;
import javax.xml.crypto.dsig.XMLSignatureFactory;
import javax.xml.crypto.dsig.dom.DOMValidateContext;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.w3c.dom.Document;
import org.w3c.dom.Element;
import org.w3c.dom.NodeList;

@Immutable
/* loaded from: input_file:WEB-INF/lib/ph-xmldsig-4.4.3.jar:com/helger/xmldsig/XMLDSigValidator.class */
public final class XMLDSigValidator {
    private static final Logger LOGGER = LoggerFactory.getLogger((Class<?>) XMLDSigValidator.class);

    private XMLDSigValidator() {
    }

    public static boolean containsSignature(@Nonnull Document document) {
        ValueEnforcer.notNull(document, "Document");
        return document.getElementsByTagNameNS("http://www.w3.org/2000/09/xmldsig#", "Signature").getLength() > 0;
    }

    @Nonnull
    public static XMLDSigValidationResult validateSignature(@Nonnull Document document) throws XMLSignatureException {
        ValueEnforcer.notNull(document, "Document");
        NodeList elementsByTagNameNS = document.getElementsByTagNameNS("http://www.w3.org/2000/09/xmldsig#", "Signature");
        if (elementsByTagNameNS.getLength() != 1) {
            throw new IllegalArgumentException("Cannot find exactly one Signature element");
        }
        return validateSignature(document, (Element) elementsByTagNameNS.item(0));
    }

    @Nonnull
    public static XMLDSigValidationResult validateSignature(@Nonnull Document document, @Nonnull Element element) throws XMLSignatureException {
        return validateSignature(document, element, new ContainedX509KeySelector());
    }

    @Nonnull
    public static XMLDSigValidationResult validateSignature(@Nonnull Document document, @Nonnull Element element, @Nonnull KeySelector keySelector) throws XMLSignatureException {
        ValueEnforcer.notNull(document, "Document");
        ValueEnforcer.notNull(element, "SignatureElement");
        ValueEnforcer.notNull(keySelector, "KeySelector");
        XMLSignatureFactory xMLSignatureFactory = XMLDSigSetup.getXMLSignatureFactory();
        DOMValidateContext dOMValidateContext = new DOMValidateContext(keySelector, element);
        try {
            XMLSignature unmarshalXMLSignature = xMLSignatureFactory.unmarshalXMLSignature(dOMValidateContext);
            if (unmarshalXMLSignature.validate(dOMValidateContext)) {
                return XMLDSigValidationResult.createSuccess();
            }
            if (!unmarshalXMLSignature.getSignatureValue().validate(dOMValidateContext)) {
                return XMLDSigValidationResult.createSignatureError();
            }
            CommonsArrayList commonsArrayList = new CommonsArrayList();
            Iterator it = unmarshalXMLSignature.getSignedInfo().getReferences().iterator();
            int i = 0;
            while (it.hasNext()) {
                if (!((Reference) it.next()).validate(dOMValidateContext)) {
                    commonsArrayList.add(Integer.valueOf(i));
                }
                i++;
            }
            return XMLDSigValidationResult.createReferenceErrors(commonsArrayList);
        } catch (MarshalException e) {
            LOGGER.error("Failed to read XML signature: " + e.getClass().getName() + " - " + e.getMessage());
            return XMLDSigValidationResult.createSignatureError();
        }
    }
}
